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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . ^ This communication is responsive to 11/22/2011 . 

2. □ An election was made by the applicant in response to a restriction requirement set forth during the interview on ; the restriction 

requirement and election have been incorporated into this action. 

3. |EI The allowed claim(s) is/are 1-8, 10-16, 18-25, 27-28, 31-45, 47-61, 63-68, 70-75, 77-87, 89-105, 108-128 and 131-144 . 

4. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a) □ All b) □ Some* c) □ None of the: 

1 . Q Certified copies of the priority documents have been received. 
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3. Q Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
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Paper No./Mail Date . 
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EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .31 2. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Holmes W. Anderson (Reg. No: 37,272) on February 16, 2012. 

The application has been amended as follows: 


1 . (currently amended) A communication system comprising: 

a plurality of multicast devices forming a shared multicast distribution tree; 
a host device with a processor ; 
a key server; and 

a designated device with a processor , separate from the key server, through 
which the host device requests access to the shared tree associated with a group, 
wherein: 

the host device obtains access information from the key server for the host 
device to enable the host device to request access to the shared tree associated with 
the group, the access information including authentication information unique to the host 
device/group pair, the authentication information including an access token comprising a 
host identifier, a token identifier and an authentication key for authenticating the host 
with the designated device; 

the designated device obtains the access information associated with the host 
device/group pair from the key server for enabling the host device to access the shared 
tree; 

the host device sends an access control message to the designated device to 
join the shared tree; and 
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the designated device uses the access information to authenticate the host 
device before adding the host device to the shared tree, including using the token 
identifier to obtain a group identifier and authentication key from memory in order to 
verify authentication of the host device. 

36. (currently amended) The method of claim 2© 28, wherein the access information 
further comprises an expiration date for the access token. 


61 . (currently amended) An apparatus comprising: 

authenticating logic operably coupled to authenticate a host device for entry into 
a multicast group; 

access logic , implemented by a processor, operably coupled to generate access 
information for the host device, the access information including authentication 
information unique to the host device/multicast group pair, the authentication information 
including an access token comprising a host identifier, a token identifier and an 
authentication key for authenticating the host with the designated device; and 

distribution logic operably coupled to distribute the access information both to the 

host 

device and to a separate designated device for enabling the host device to access a 
shared multicast distribution tree through the designated device, the token identifier 
being used by the designated device to obtain a group identifier and authentication key 
from memory in order to verify authentication of the host device. 


68. (currently amended) A computer program stored on a non-transitory computer- 
readable storage medium for controlling a key server in a computer system, the 
computer program comprising: 

authenticating logic programmed to authenticate a host device for entry into a 
multicast group; 
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access logic programmed to generate access information for the host device the 
access information including authentication information unique of the host 
device/multicast group pair , the authentication information including an access token 
comprising a host identifier, a token identifier and an authentication key for 
authenticating the host with the designated device; and 

distribution logic programmed to distribute the access information to the host 
device and to a separate designated device for enabling the host device to access a 
shared multicast distribution tree through the designated device, the token identifier 
being used by the designated device to obtain a group identifier and authentication key 
from memory in order to verify authentication of the host device. 


75. (currently amended) An apparatus comprising: 

receiving logic operably coupled to receive, from an access information server, 
access information, the access information enabling the host device to join a multicast 
group the access information being unique to the host device/multicast group pair , the 
authentication information including an access token comprising a host identifier, a token 
identifier and an authentication key for authenticating the host with the designated 
device; and 

access logic , implemented by a processor, operably coupled to generate an 
access control message for joining the multicast group using the access information and 
to send the access control message to a designated device separate from the access 
information server and coupling the host device to the multicast group, the token 
identifier being used by the designated device to obtain a group identifier and 
authentication key from memory in order to verify authentication of the host device. 


83. (currently amended) The apparatus of claim 7% 75, wherein the access information 
further comprises an expiration date for the access token. 
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87. (currently amended) A computer program stored on a non-transitory computer- 
readable storage medium for controlling a computer system, the computer program 
comprising: 

receiving logic programmed to receive access information for joining a multicast 
group from an access information server, the access information including authentication 
information unique to a host device/multicast group pair, the authentication information 
including an access token comprising a host identifier, a token identifier and an 
authentication key for authenticating the host with the designated device; and 

access logic_programmed to generate an access control message for joining the 
multicast group using the access information and to send the access control message to 
a designated device separate from the access information server and coupling the host 
device to the multicast group, the token identifier being used by the designated device to 
obtain a group identifier and authentication key from memory in order to verify 
authentication of the host device. 


95. (currently amended) The computer program of claim 8& 87, wherein the access 
information further comprises an expiration date for the access token. 


96. (currently amended) The computer program of claim 8S 87, wherein the access logic 
is programmed to include the token identifier in the access control message. 


99. (currently amended) An apparatus comprising: 

receiving logic operably coupled to receive an access control message from a 
host device, the access control message for permitting the host device to gain access to 
a multicast group, the access control message including authentication information 
unique to the host device/multicast group pair, the authentication information including 
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an access token comprising a host identifier, a token identifier and an authentication key 
for authenticating the host with the designated device; 

access logic implemented by a processor operably coupled to determine whether 
the host device is authorized to access a shared multicast distribution tree based upon 
access information for the host device stored at the apparatus, the stored access 
information including authentication information unique to the host device/multicast 
group pair and being received from a separate key server, the token identifier being 
used by the designated device to obtain a group identifier and authentication key from 
memory in order to verify authentication of the host device; and 

joining logic implemented by a processor operably coupled to join the shared tree 
on behalf of the host device if the access logic determines that the host device is 
authorized to access the shared tree. 


100. (original) The apparatus of claim 99, wherein the access logic is operably coupled 
to obtain the access information for the host device from an access information server. 


1 22. (currently amended) A computer program stored on a non-transitory computer- 
readable storage medium for controlling a computer system, the computer program 
comprising: 

receiving logic programmed to receive an access control message from a host 
device to enable the host device to join a multicast group, the access control information 
including authentication information unique to the host device/multicast group pair, the 
authentication information including an access token comprising a host identifier, a token 
identifier and an authentication key for authenticating the host with the designated 
device; 

access logic programmed to determine whether the host device is authorized to 
access a shared multicast distribution tree based upon stored access information for the 
host device, the stored access information including authentication information unique to 
the host device/multicast group pair and being received from a separate key server, the 
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token identifier being used by the designated device to obtain a group identifier and 
authentication key from memory in order to verify authentication of the host device; and 

joining logic programmed to join the shared tree on behalf of the host device if 
the access logic determines that the host device is authorized to access the shared tree. 

Allowable Subject Matter 

Claims 1-8, 10-16, 18-25, 27-28, 31-45, 47-61, 63-68, 70-75, 77-87, 89-105, 108- 
128, and 131-144 are allowed. 

Reasons for Allowance 

The following is an examiner's statement of reasons for allowance: No prior art 
could be found to teach all of the claimed features. In particular, no prior art could be 
found to teach the claimed network layout to provide a multicast distribution tree which 
applies a token identifier, group identifier and authentication key to authenticate joining 
members. For further detailed reasons for how the claims define over the prior art, 
please see the brief filed 7/23/08, the reply brief filed 2/17/09, and the BPAI decision on 
appeal dated 11/22/11. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to AZIZUL CHOUDHURY whose telephone number is 
(571)272-3909. The examiner can normally be reached on M-F. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Krista Zele can be reached on (571) 272-7288. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/A. C.I 

Examiner, Art Unit 2453 


/Krista M. Zele/ 

Supervisory Patent Examiner, Art Unit 2453 


